kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: kube-registry-pvc
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: {{ storageClassName }}
  resources:
    requests:
      storage: 100Gi

---

apiVersion: v1
kind: Service
metadata:
  name: kube-registry
  namespace: kube-system
  labels:
    k8s-app: kube-registry
spec:
  type: NodePort
  selector:
    k8s-app: kube-registry
  ports:
  - name: registry
    port: 5000
    protocol: TCP
  - name: registry-ui
    port: 80
    protocol: TCP

---

apiVersion: v1
kind: ReplicationController
metadata:
  name: kube-registry
  namespace: kube-system
  labels:
    k8s-app: kube-registry
spec:
  replicas: 1
  selector:
    k8s-app: kube-registry
  template:
    metadata:
      labels:
        k8s-app: kube-registry
    spec:
      nodeSelector:
        nodetype: persistent
      containers:
      - name: registry
        image: {{registry_prefix}}:{{registry_port}}/docker.io/registry:2
        env:
        - name: REGISTRY_HTTP_ADDR
          value: :5000
        - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY
          value: /var/lib/registry
        - name: REGISTRY_AUTH_HTPASSWD_REALM
          value: basic_realm
        - name: REGISTRY_AUTH_HTPASSWD_PATH
          value: /auth/htpasswd
        - name: REGISTRY_STORAGE_DELETE_ENABLED
          value: "true"
        volumeMounts:
        - name: image-store
          mountPath: /var/lib/registry
        - name: auth-dir
          mountPath: /auth
        ports:
        - containerPort: 5000
          name: registry
          protocol: TCP
      - name: registry-ui
        image: {{registry_prefix}}:{{registry_port}}/docker.io/konradkleine/docker-registry-frontend:v2
        env:
        - name: ENV_DOCKER_REGISTRY_HOST
          value: "localhost"
        - name: ENV_DOCKER_REGISTRY_PORT
          value: "5000"
        ports:
        - containerPort: 80
          name: registry
          protocol: TCP
      volumes:
      - name: image-store
        persistentVolumeClaim:
          claimName: kube-registry-pvc
      - name: auth-dir
        secret:
          secretName: registry-auth-secret
---

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: f2c-registry-ui-ingress
  namespace: kube-system
spec:
  rules:
  - host: registry-ui.{{APP_DOMAIN}}
    http:
      paths:
      - path: /
        backend:
          serviceName: kube-registry
          servicePort: 80

---

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: f2c-registry-ingress
  namespace: kube-system
spec:
  rules:
  - host: registry.{{APP_DOMAIN}}
    http:
      paths:
      - backend:
          serviceName: kube-registry
          servicePort: 5000
